Wind River Support Network

HomeDefectsLIN1021-379
Fixed

LIN1021-379 : Security Advisory - ffmpeg - CVE-2020-22015

Created: May 26, 2021    Updated: Sep 25, 2021
Resolved Date: Sep 1, 2021
Found In Version: 10.21.20.1
Fix Version: 10.21.20.5
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code.

CREATE(Triage):(User=admin) CVE-2020-22015 (https://nvd.nist.gov/vuln/detail/CVE-2020-22015)

CVEs


Live chat
Online